[
https://issues.apache.org/jira/browse/RANGER-738?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alok Lal updated RANGER-738:
----------------------------
Description:
The TRANSFORM statement in Hive is a big security hole with Hive run without
impersonation, so when SQL Standard Authorization is enabled, the feature id
completely disabled which is a bit of a sledgehammer approach to securing this
statement.
Sentry added support for restricting this statement at a per-user/group level,
which should be adopted by Ranger.
https://issues.apache.org/jira/browse/SENTRY-598
was:
The TRANFORM statement in Hive is a big security hole with Hive run without
impersonation, so when SQL Standard Authorization is enabled, the feature id
completely disabled which is a bit of a sledgehammer approach to securing this
statement.
Sentry added support for restricting this statement at a per-user/group level,
which should be adopted by Ranger.
https://issues.apache.org/jira/browse/SENTRY-598
> Server-wide control over TRANSFORM clause in Hive
> -------------------------------------------------
>
> Key: RANGER-738
> URL: https://issues.apache.org/jira/browse/RANGER-738
> Project: Ranger
> Issue Type: New Feature
> Components: plugins
> Reporter: Scott C Gray
> Labels: features, security
>
> The TRANSFORM statement in Hive is a big security hole with Hive run without
> impersonation, so when SQL Standard Authorization is enabled, the feature id
> completely disabled which is a bit of a sledgehammer approach to securing
> this statement.
> Sentry added support for restricting this statement at a per-user/group
> level, which should be adopted by Ranger.
> https://issues.apache.org/jira/browse/SENTRY-598
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
